CVE-2026-57027
Undergoing Analysis Undergoing Analysis - In Progress

Memory Leak in Juniper Junos OS on EX Series Devices

Vulnerability report for CVE-2026-57027, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart. The leak can be monitored by watching the continuous increase of the buffer values in the output of: user@host> show chassis fpc This issue affects Junos OS onΒ EX4100 Series and EX4400: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S7, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
juniper junoss to 23.2R2-S7 (exc)
juniper junoss to 23.4R2-S7 (exc)
juniper junoss to 24.2R2-S4 (exc)
juniper junoss to 24.4R2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Missing Release of Memory after Effective Lifetime issue in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices.

When sFlow is configured in a Virtual Chassis scenario with EX4100 or EX4400 Series devices, multicast traffic received on one Virtual Chassis member and sent out on another causes a memory leak.

This memory leak leads to an FPC (Flexible PIC Concentrator) crash and restart, which can be observed by monitoring increasing buffer values using the command 'show chassis fpc'.

An unauthenticated adjacent attacker can exploit this to cause a Denial-of-Service (DoS) condition.

Impact Analysis

The vulnerability can cause a Denial-of-Service (DoS) on affected Juniper EX4100 and EX4400 Series devices running vulnerable versions of Junos OS.

Specifically, the memory leak caused by multicast traffic in a Virtual Chassis setup can lead to an FPC crash and restart, disrupting network operations.

Since the attacker can be unauthenticated and adjacent, this increases the risk of service disruption without requiring privileged access.

Detection Guidance

This vulnerability can be detected by monitoring the memory usage related to the packet forwarding engine (pfe) on affected Juniper EX4100 and EX4400 Series devices when sFlow is configured in a Virtual Chassis scenario.

Specifically, you can watch for a continuous increase of the buffer values which indicates a memory leak.

The recommended command to monitor this is:

  • show chassis fpc
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade Junos OS on affected EX4100 and EX4400 Series devices to a fixed version. Specifically, update to versions 23.2R2-S7 or later, 23.4R2-S7 or later, 24.2R2-S4 or later, or 24.4R2 or later.

Additionally, monitor the buffer values using the command 'show chassis fpc' to detect any continuous increase that indicates a memory leak.

If possible, consider disabling sFlow in Virtual Chassis scenarios until the update is applied, as the issue occurs when sFlow is configured in such environments.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57027. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart